<?php
    session_start();

    $username = $_POST["Username"];
    $remember = isset($_POST['Remember'])?$_POST['Remember']:null;
    if($remember){
        setcookie("username",$username);
    }
    $password = $_POST["Password"]; 

    $sql = 'select * from `account` where `Username`=\''.str_replace("''",'',$username).'\'';
    $conn = new mysqli("localhost","root","","myblog");
    $rs=$conn->query($sql);
    $row = $rs->fetch_assoc();
    
    if(!$row) echo "用户名或密码错误<br />";
    else{
        $passwordInDB = $row["Password"];
        if($password!=$passwordInDB) 
            echo "用户名或密码错误<br />";
        else{
            $_SESSION["user"] = $row;
            echo "登录成功";

            header("Refresh:0;url=article_list.php");
        }
    }
    